Microsoft Hybrid Cloud blogsite about Management

Tag Archives: Linux

Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work. Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.

In this quick overview you will see the possibilities of Microsoft Azure Cloudshell functionalities and tools.

Azure Cloudshell Editor

Azure Cloud Shell includes an integrated file editor built from the open-source Monaco Editor. The Cloud Shell editor supports features such as language highlighting, the command palette, and a file explorer.
This can be handy with JSON and YAML files.

When you have your App YAML file for your Azure Kubernetes Cluster on your Cloud drive, you can edit the file online with your browser and save it in the Azure Cloud. I like this editor in the Cloudshell, especially when you are not behind your own laptop or pc and you have to make a quick change.

I have a Kubernetes Cluster installed on Azure and with this editor I can explore my Azure logs, Cache, and config files for the information I need to work with in Bash, Powershell to do my CLI commands for example 😉

Kubectl is a command line interface for running commands against Kubernetes clusters. kubectl looks for a file named config in the $HOME/.kube directory. You can specify other kubeconfig files by setting the KUBECONFIG environment variable or by setting the –kubeconfig flag.Read here more about Kubectl

Terraform CLI is Available

What is Terraform?
Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.
Configuration files describe to Terraform the components needed to run a single application or your entire datacenter. Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied.
The infrastructure Terraform can manage includes low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc.

The key features of Terraform are:

Infrastructure as Code
Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used.

Execution Plans
Terraform has a “planning” step where it generates an execution plan. The execution plan shows what Terraform will do when you call apply. This lets you avoid any surprises when Terraform manipulates infrastructure.

Resource Graph
Terraform builds a graph of all your resources, and parallelizes the creation and modification of any non-dependent resources. Because of this, Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure.

Change Automation
Complex changesets can be applied to your infrastructure with minimal human interaction. With the previously mentioned execution plan and resource graph, you know exactly what Terraform will change and in what order, avoiding many possible human errors.

AzCopyis a command-line utility designed for copying data to/from Microsoft Azure Blob, File, and Table storage, using simple commands designed for optimal performance. You can copy data between a file system and a storage account, or between storage accounts.

Conclusion :

Microsoft Azure Cloudshell is very powerful to work with, creating your infrastructure from the Command Line Interface (CLI) or with JSON / YAML scripts. Some features or commands are not available in the Azure portal and that’s where Azure Cloudshell can help you out. Try the different Azure Cloudshell Tools and look what you like most to use for your work. From here you can work on any device with a browser and do your work. #MVPBuzz

When you have your Azure Sentinel Solutions in place with alerting rules and telemetry and analytics is coming to your workspace, Hunting is the next Threat management tool :

Azure sentinel Hunting

Working with Tags and Collaborate with Teammates

Launch Investigations and Bookmark

Working with Azure Notebooks for Azure Sentinel

Welcome to the Azure Sentinel repository! This repository contains out of the box detections, exploration queries, hunting queries, dashboards and playbooks to help you get ramped up with Azure Sentinel and provide you security content to secure your environment and hunt for threats. You can also submit any issues or feature requests as you onboard to Azure Sentinel. For questions and feedback, please contact AzureSentinel@microsoft.com

Create Alert rules with the right mappings, triggers, and scheduling, response automation.

Add your own playbooks for your Security

Unlock the power of AI for security with Machine Learning

Machine Learning in Azure Sentinel is built-in right from the beginning. We have thoughtfully designed the system with ML innovations aimed to make security analysts, security data scientists and engineers productive. One such innovation is Azure Sentinel Fusion built especially to reduce alert fatigue.

Multi-cluster view from Azure Monitor

Azure Monitor provides a multi-cluster view showing the health status of all monitored AKS clusters deployed across resource groups in your subscriptions. It shows AKS clusters discovered that are not monitored by the solution. Immediately you can understand cluster health, and from here you can drill down to the node and controller performance page, or navigate to see performance charts for the cluster. For AKS clusters discovered and identified as unmonitored, you can enable monitoring for that cluster at any time.

Container Live Logs provides a real-time view into your Azure Kubernetes Service (AKS) container logs (stdout/stderr) without having to run kubectl commands. When you select this option, new pane appears below the containers performance data table on the Containers view, and it shows live logging generated by the container engine to further assist in troubleshooting issues in real time.
Live logs supports three different methods to control access to the logs:

But what is coming in 2019 ?

Rocking with Azure in the Classroom !

I will continue every day sharing knowledge with the Community and continue my Free work on MVPbuzz Friday for Education to get Azure Cloud Technology in the Classroom for Teachers and Students.
The trend I see for 2019 is more Infrastructure and Security by Code with Microsoft Azure DevOps
and of course you have to be in Control with Microsoft Azure Monitor

I will write a blogpost in January 2019 about Microsoft Azure Hub-Spoke model by Enterprise Design 4 of 4: Optimize your Azure Workload.

More Items in 2019 to come :

Microsoft Azure Security Center for Hybrid IT

Windows Server 2019 in combination with Azure Cloud Services.

More on Containers in the Cloud

Azure Stack and ASDK

Integration with Azure Cloud.

API Management

Azure DevOps Pipelines and Collabration

Azure IoT for Smart Cities and Buildings combined with AI Technology

2019 will be a Great year again with New Microsoft Technologies and Features for your business.

Azure Monitor for containers is a feature designed to monitor the performance of container workloads deployed to either Azure Container Instances or managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). Monitoring your containers is critical, especially when you’re running a production cluster, at scale, with multiple applications.
Azure Monitor for containers gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. After you enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

What I really like is that you now can see the Container Live logs from the Azure portal and see what is going on in the background of a Container 🙂

Activate Azure Kubernetes Container Live Logs

Here you see the Container Live logs

This feature provides a real-time view into your Azure Kubernetes Service (AKS) container logs (stdout/stderr) without having to run kubectl commands. When you select this option, new pane appears below the containers performance data table on the Containers view, and it shows live logging generated by the container engine to further assist in troubleshooting issues in real time.
Live logs supports three different methods to control access to the logs:

You even can search in the Container Live Logs for Troubleshooting and history :

Search on ssh

Azure Monitor for containers uses a containerized version of the Log Analytics agent for Linux. After initial deployment, there are routine or optional tasks you may need to perform during its lifecycle.
Because of this agent you can work with Log Analytics in Azure Monitor :

When you have your production workload running on Azure Kubernetes Clusters, It’s important to monitor to keep you in Control of the solution in Microsoft Azure and watch for improvements like performance for the business. With Container Live logs you can see what is going on in the Containers when you have issues and that’s great for troubleshooting to get your problem solved fast. Get your workload into Azure Containers and make your Azure DevOps CI/CD Pipelines in the Cloud.

Introduction

The velocity of change for the Microsoft SQL Server DBA has increased this decade. The span
between the releases of SQL Server 2016 and 2017 was only 16 months, the fastest new release
ever. Gone are the days when DBAs had between three to five years to soak in and adjust to new
features in the engine and surrounding technologies.
This book is written and edited by SQL Server experts with two goals in mind: to deliver a solid
foundational skillset for all of the topics covered in SQL Server configuration and administration,
and also to deliver awareness and functional, practical knowledge for the dramatic number
of new features introduced in SQL Server 2016 and 2017. We haven’t avoided new content—
even content that stretched the boundaries of writing deadlines with late-breaking new releases.
You will be presented with not only the “how” of new features, but also the “why” and the
“when” for their use.

With container support, customers can use Azure’s intelligent Cognitive Services capabilities, wherever the data resides. This means customers can perform facial recognition, OCR, or text analytics operations without sending their content to the cloud. Their intelligent apps are portable and scale with greater consistency whether they run on the edge or in Azure.

Get started with these Azure Cognitive Services Containers

Building solutions with machine learning often requires a data scientist. Azure Cognitive Services enable organizations to take advantage of AI with developers, without requiring a data scientist. We do this by taking the machine learning models and the pipelines and the infrastructure needed to build a model and packaging it up into a Cognitive Service for vision, speech, search, text processing, language understanding, and more. This makes it possible for anyone who can write a program, to now use machine learning to improve an application. However, many enterprises still face challenges building large-scale AI systems. Today Microsoft announced container support for Cognitive Services, making it significantly easier for developers to build ML-driven solutions.

Start with Installing and running Containers

Request access to the private container registry

You must first complete and submit the Cognitive Services Vision Containers Request form to request access to the Face container. The form requests information about you, your company, and the user scenario for which you’ll use the container. Once submitted, the Azure Cognitive Services team reviews the form to ensure that you meet the criteria for access to the private container registry.

Important !

You must use an email address associated with either a Microsoft Account (MSA) or Azure Active Directory (Azure AD) account in the form. If your request is approved, you then receive an email with instructions describing how to obtain your credentials and access the private container registry.

The Face container uses a common configuration framework, so that you can easily configure and manage storage, logging and telemetry, and security settings for your containers.
Configuration settings
Configuration settings in the Face container are hierarchical, and all containers use a shared hierarchy, based on the following top-level structure: